6 Commits

Author SHA1 Message Date
Victor Hsieh 33daaa3ca1 compos_verity: don't write to log file
This fixes SELinux denial like:

avc: denied { write } for name="vm_console.log" dev="dm-60" ino=2815
scontext=u:r:compos_verify:s0
tcontext=u:object_r:apex_compos_data_file:s0 tclass=file permissive=0

Bug: 223784827
Test: atest com.android.tests.odsign.CompOsSigningHostTest\
       #checkFileCreationTimeAfterVmStartAndBeforeReboot
      -> Pass only with this fix
Change-Id: I823b5ac09f742bfb4d30674b7f4f23a82a152e7a
2022-03-25 08:32:59 -07:00
Alan Stokes 32d8fa51af Add back "compos_verify --instance pending"
I removed this in commit 6542fdd76c. It's not needed in
production, but it turns out it's very useful for testing VM start
times without having to reboot.

Bug: 220824234
Test: composd_cmd staged-apex-compile; compos_verify --instance pending
Change-Id: Ie38f70ca5a71b55bdb05ebdd437b2e55feb429b5
2022-03-14 14:59:42 +00:00
Alan Stokes dd8dfe8d39 Improve error logging
It took me more goes than it should have to figure out what I was
doing wrong, so add some context to these error messages.

Test: Builds
Change-Id: I9d1d38046fa1a3c787d280d2caf4e232cac13244
2022-03-10 15:30:49 +00:00
Alan Stokes 98a964c3d7 Log to System rather than Main
This fixes the issue where no log messages are produced by
compos_verify. Note that odsign already uses the System log, probably
for the same reason.

Bug: 215419883
Bug: 210919187
Test: Reboot after staged compile, see compos_verify logs
Change-Id: I86b0eda065c9154ae01a465aea7e724b746efa59
2022-02-23 11:37:46 +00:00
Alan Stokes 6542fdd76c Remove old key management
Delete a load of no longer needed code.

We no longer support persisting keys in the host. CompOS no longer
accesses DICE directly (compos_key_helper handles that).

We retain the instance image files, but rename pending to current
(it's created before reboot with the staged APEXes and used after
reboot with the current APEXes, but there's no point renaming it).

Remove the attempt to start an existing instance when running
compilation - it is slow, and vanishingly unlikely to work.

Sadly this also deletes all the CompOS unit tests. (But there are some
new ones in compos_key_tests.)

Bug: 218494522
Test: Manual; atest ComposTestCase; atest CompOsSigningHostTest
Change-Id: I0175270341d5dcad614106432b7d2650229cf8a6
2022-02-18 11:38:11 +00:00
Alan Stokes 16fb8555e8 Rewrite key management & signing
Extend compos_helper to support signing, use it from CompOS.

Expose the public key from the VM. Rename compos_verify_key to
compos_verify and get it to verify the signature against the current
instance's public key.

Also move DICE access to compos_key_main. There's no use having it in
the library - neither the tests nor compos_verify can use it - and it
complicates the build rules.

There's a lot more that can be deleted, but I'll do that in a
follow-up; this is big enough already.

Bug: 218494522
Test: atest CompOsSigningHostTest CompOsDenialHostTest
Change-Id: I2d71f68a595d5ddadb2e7b16937fa6855f5db0ab
2022-02-17 16:58:32 +00:00